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1 R EMARKS 

2 These remarks follow the order of the paragraphs of the office action. Relevant portions of the 

3 office action are shown indented and italicized. 

4 It is the Examiner 's position that the detailed functionality that allows for Applicant P s 

5 invention to overcome the prior art used in the rejection, fails to differentiate in detail 

6 how these features are unique. As it is extremely well known in the networking art as 

7 already shown by Taylor and other prior arts of records disclosed. Thus, it is clear that 

8 Applicant must submit amendments to the claims in order to distinguish over the prior art 

9 use in the rejection that discloses different features of Applicant 's claim invention. 

10 DETAILED ACTION 

1 1 /. Claims 1-23 remain pending in this examination. Claims 15-17, and 21 remain 

1 2 withdrawn as being drawn to a non-elected invention. 

1 3 Continued Examination Under 37 CFR LI 14 

14 2 A request for continued examination under 37 CFR LI 14, including the fee set forth 

15 in 37 CFR 1 1 7(e), was filed in this application after final rejection and was received on 

1 6 March 10, 2006. Since this application is eligible for continued examination under 37 

1 7 CFR LI 14, and the fee set forth in 37 CFR L 17(e) has been timely paid, the finality of 

1 8 the previous Office action has been withdrawn pursuant to 37 CFR LI 14. Applicants 

19 submission filed on February /, 2006 has been entered, 

20 Claim Rejections -35 USC § 102 

21 5. The text of those sections of Title 35, US. Code not included in this action can be 

22 found in a prior Office action. 

23 Claims 1-6, 844, 18-20, 22 and 23 are rejected under 35 US. C 102(e) as being 

24 anticipated by Goval et al. (USFN 6.976.25$) (hereinafter Goyal). 

25 In response, the applicants respectfully state that they take exception with the equivalencies of 

26 the elements of the claims and the invention of Goyal, Applicants respectfully state that Claims 

27 1-6, 8-14, 1 8-20 7 22 and 23 as amended herein are not anticipated by the invention of Goyal. The 

28 abstract of the present invention, claimed in Claims 1-6, 8-14, 18-20, 22 and 23 reads: 
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1 The increasing number of Internet users and innovative new services such as e-commcrce 

2 are placing new demands on Web servers. It is becoming essential for Web servers to 

3 provide performance isolation, have fast recovery times, and provide continuous service 

4 during overload at least to preferred customers. The invention describes a kernel-based 

5 architecture for content-aware service differentiation that protects Web servers against 

6 overload by controlling the amount and rate of work entering the system. We have 

7 invented a mechanism that provides admission control and service differentiation based 

8 on connection and application level information. The application header-based 

9 connection control uses application-level information (such as URIs and cookies for 

10 HTTP) to define different service differentiation actions. The present invention provides 

1 1 the kernel mechanisms that are more efficient and scalable than application level controls 

1 2 implemented in current Web servers. 

13 Whereas, the cited art to Goya! 7 US Patent 6,976,258, filed: November 30, 1999, is entitled: 

14 "Providing quality of service guarantees to virtual hosts". The Goyal abstract reads : 

15 "A method facilitates providing appropriate quality of service guarantees to a plurality of 

1 6 virtual hosts on a single physical host computer. A server application program and its 

17 child processes service communication requests made to the plurality of virtual hosts. 

18 Quality of service parameters associated with the virtual hosts are stored. Communication 

19 requests made to a specific one of the virtual hosts are detected. The quality of service 

20 parameters associated with the specific virtual host are obtained. Operating system 

21 resources are utilized to guarantee, to a child process of the server application program, a 

22 quality of service according to the obtained quality of service parameters associated with 

23 the virtual host. Communication between the virtual host arid the client is allowed to 

24 proceed, the communication being managed by the child process/'. 

25 Furthermore, the applicants respectfully states that Goyal is concerned only with efficiently 

26 routing connections to one of multiple virtual hosts on a single physical system by intercepting 

27 system calls. Goyal with or without Taylor is not concerned with using application information 

28 or application header information for any purpose including service differentiation. The 
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1 references apparently rely on network addresses which axe well defined in the TCP 

2 communication protocol, not application headers.. Thus Claims 1-6, 8-14, 18-20, 22 and 23 are 

3 allowable. 

4 Applicants respectfully further state that the presently claimed invention includes a mechanism 

5 that provides admission control and service differentiation based on connection and application 

6 level information. This mechanism can be used by 1) a system that is not virtualized (e.g. a 

7 physical system) 2) inside a single virtual host 3) across multiple virtual hosts which are 

8 virtualized by the underlying system 4) a physical system with more than one application. This is 

9 not the case with any of the cited references. 

10 4. Referring to claim 1> Goyal discloses a method comprising employing at least one 

1 1 system for differentiating at least one service class in a kernel (i.e. operating system) 

12 using service differentiation (i.e. QoS) to perform service differentiation based on content 

13 In at least one data packet for connections accepted in said at least one system (i.e. 

1 4 connections are accepted pending QoS requirement fulfillment), including the steps of: 

1 5 capturing at least one data packet until a complete application header is detected Call 

1 6 such requests are received by the sewer application program) (le. an inherent feature of 

1 7 receiving a request is that the packet has an application header) (col. 6, lines 45-50); 

1 8 parsing said complete application header to determine at least one application tag (i.e. 

19 attribute information such as source and destination address 201 which are contained in 

20 the application header) (col 9, lines 28-38); 

21 matching said at least one application tag to at roast one matching rule (i.e. where the 

22 communication channel is to one of the network addresses) (col 9 r lines 30- 38); 

23 determining a presence of at least one match with said at least one matching rule (Le. 

24 where the communication channel is to one of the network addresses) (cot. 9, lines 

25 30-38); and 

26 performing service differentiation (i.e. setting the quality of service guarantees the object 

27 code calls the operating system QoS manager 127 to request an appropriate QoS 

28 guarantee to the child process 109) (col 9, lines 38-55). 

29 In response, the applicants respectfully states that they exception with the equivalencies of claim 

30 1 and Goyal. Goyal may disclose a plurality of network addresses where a network address is 

3 1 equivalent to a virtual host. This is not the steps of claim 1. Claim I reads: 

32 1 . A method comprising: 

DOCKET NUMBER: YOR920010561US2 10/19 



PAGE 10/19 1 RCVD AT 8/21/2006 8:49:36 PM [Eastern Daylight Time] ■ SVR:USPT0-EFXRF-1/13* DNIS:2738300 ■ CSID:8453523194 ■ DURATION (mm-ss):0646 



08/21/2086 19:46 8453523194 

Serial No.; 10/053,012 



PAGE 11 



1 employing at least one system for differentiating at least one service class in a kernel 

2 providing service differentiation as a kernel service based on application level 

3 information, and using service differentiation to provide different levels of quality of 

4 service for system performance to users to perform service differentiation based on 

5 content in at least one data packet for connections accepted in said at least one system, 

6 including the steps of: 

7 capturing said at least one data packet until a complete application header is detected; 

8 parsing said complete application header to determine at least one application tag; 

9 matching said at least one application tag to at least one matching rule; 

1 0 determining a presence of at least one application tag match with said at least one 

1 1 matching rule; and 

12 performing service differentiation action based on said at least one matching rule in order 

13 to provide a particular level of service from said different levels of service. 



14 A review of Goyal (col 9, lines 28-38) shows that Goyal is not parsing application headers, Goyal 

1 5 is doing standard TCP receive processing on the communication protocol header. Goyal col 6, 

1 6 lines 45-50 does not cover "capture 77 a complete application header. Simply receiving a request 

1 7 by the server application as stated in Goyal does not detect and capture the application header. 

18 An awareness of the application header format is required as we have described using HTTP as 

19 the example. Goyal is simply receiving data NOT capturingMetecting a complete application 

20 header. 
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1 Goyal (col 9, lines 30-38) is not matching said at least one application tag to a matching rule, 

2 Goyal is using standard TCP receive processing on a network communication protocol header to 

3 find a desire network address defined in a communication protocol 

4 Goyal has not disclosed the operating system resources required to provide service differentiation 

5 (i.e. QoS). Goyal has not disclosed the content they differentiate service on, only an identification 

6 of the connection via an IP address. Goyal has not disclosed providing service differentiation 

7 based on application headers or tags. Source and destination addresses mentioned by Goyal are 

8 not included in the application header they are contained in the network transport layer. Thus 

9 claim 1 and all claims that depend on claim 1 are allowable over Goyal. 

10 5. Referring to claim 2, Goyal discloses the application tag includes a tag in a 

1 1 communication protocol (te. a destination address is a tag in HTTP) 

12 In response, the applicants respectfully states that the referenced portion of Goyal is referring to 

1 3 network addresses from the TCP transport layer (col I , lines 35-45) which is not application layer 

14 information. Claim 2 is amended to remove the words "and a tag in a communication protocol" 

1 5 Thus claim 2 is allowable over the cited art for itself and because it depends on allowable claim 

16 1. 

1 7 6s Referring to claim 3, it is an inherent feature in HTTP that the URI (i.e. 

1 8 destination address) is the second string in the HTTP header, (the first string is the 

1 9 action word, such as GET POST HEAD SYN, etc. 

20 In response, the applicants respectfully states that Goyal is referring to intercepting system calls 

2 1 that operate on the transport layer network address which is part of the communication protocol 

22 not application headers like HTTP. Besides, claim 3 is dependent on allowable claim 1 and is 

23 therefore allowable. 

24 7. Referring to claim 4 t Goyal discloses employing a table having at least one matching 

25 rule (i.e. QoS parameter table 119) (Figure }; col 7, lines 60-65). 

26 In response, the applicants respectfully states that claim 4 reads, 
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1 4. A method as in claim 1, further comprising employing a tabic having said at least one 

2 matching rule based on application layer information. . 

3 A review of the cited portion of Goyal (col. 7, line 63) employs a table which can be matched on 

4 network address from the TCP transport layer but that is not matched based oil application layer 

5 information. Claim 4 is amended to show that it is based on application layer information. Thus 

6 claim 4 is allowable over the cited art for itself and because it depends on allowable claim 1 . 

7 8. Referring to claim 5, Goyal discloses finding a best match (i.e. finding the network 

8 address requested) (col. 9, lines 30-45), 

9 In response, the applicants respectfully states that Goyal only finds a best match on network 

10 address but not any other type of content like application layer information. Claim 5 is amended 

1 1 to $how that it is content for application layer information. Thus claim 5 is allowable over the 

1 2 cited art for itself and because it depends on allowable claim 1 . 



13 P. Referring to claim 6, Goyal discloses service differentiation, includes rate controlling 

14 (i.e. guaranteeing a quality of service) (col 9, lines 38-55). 

1 5 In response, the applicants respectfully states that Goyal does not disclose the any of the 

16 mechanisms for service differentiation and further does not disclose any of the mechanisms we 

17 disclose in claim 6. Claim 6 is amended to read; 

18 6. A method as in claim I, wherein said step of performing service differentiation action 

1 9 includes at least one action taken from a group of actions including: scheduling 

20 connections, monitoring, request prioritization and a policing action. 

21 Thus claim 6 is allowable over the cited art for itself and because it depends on allowable claim 

22 1. 

23 10. Referring to claim 8, Goyal discloses said action includes protocol control (i.e. QoS 

24 rate guaranteeing) (col 9, lines 30-35). 



25 In response, the applicants respectfully states that the protocol of claim 8 is not found in the 

26 referenced portion of Goyal (col 9. lines 30-35). Goyal does not disclose any of the mechanisms 
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1 for service differentiation and further does not disclose any of the mechanisms disclosed in claim 

2 8. Thus claim 8 is allowable over the cited art for itself and because it ultimately depends on 

3 allowable claim 1 . 

4 1L Referring to claim 9, Goya! discloses installing at east one matching rule (i.e. the 

5 Virtual Host QoS program 1 17 inserts the QoS Table 119 into the OS to be used by the 

6 QoS manager 127) (col. 7, lines 60-65). 



1 In response, the applicants respectfully states that Goyal only installs matching rules on network 

8 addresses not any other content like application information. A review of the cited portion of 

9 Goyal (col 7, lines 60-65) employs a table which can be matched on network address from the 

1 0 TCP transport layer but that are not matched based on application layer information. Claim 9 is 

1 1 amended to show that it is based on application layer information. Thus claim 9 is allowable 

12 over the cited art for itself and because it depends on allowable claim 1 . 

13 12. Referring to claims 10 and 11, Goyal discloses detecting establishment of a new 

14 TCP connection (i.e. request for Address) (col 1, lines 15-20: col. 6, lines 45-50). 

1 5 In response, the applicants respectfully states that Goyal does disclose detecting establishment of 

1 6 a new TCP connection but for the purpose of routing connections to one of multiple virtual hosts 

17 on a single physical system by intercepting system caU$ not to provide admission control and 

18 service differentiation based on connection and application level information. Thus claims 10 

19 and 1 1 are allowable over Goyal each for itself and because each depends on an allowable claim. 



20 13. Referring to claim 12, Goyal discloses the step of establishing a new TCP 

2 1 connection includes receiving a SYN packet, sending a SYN-A CK packet, deferring 

22 accept, receiving ACK for SYN-ACK and deferring notification of data packet (this is an 

23 inherent feature of the HTTP basic 3-way handshake for Connection synchronization 

24 which can be found in the Transmission Control Protocol DARPA Internet urogram 

25 Protocol S pecification. September 1981 prepared by Information Sciences Institute. USC, 

26 P a ge~ 31 Figure 7) (col 6, lines 45-50). 



27 In response, the applicants respectfully states that claim 12 is amended to read: 
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1 12. A method as in claim 1 1 7 wherein said step of establishing of a new TCP connection 

2 includes for application header based service differentiation: receiving SYN packet; 

3 sending SYN-ACK packet; deferring accept; receiving ACK for SYN-ACK packet; and 

4 deferring notification of data packet. 

5 Goyal (col. 1 9 line 34) may indeed indicate that the 3-way handshake is an inherent feature of 

6 TCP. But Goyal does not disclose using the 3-way handshake for application header based 

7 service differentiation. Thus claim 12 is allowable over the cited art for itself and because it 

8 ultimately depends on allowable claim L 

9 14. Referring to claim 13, detecting application header delimiters for said data packet is 

10 an inherent feature of Goyal since without this detection step, the system would not know 

1 1 where the header starts and ends. 

12 In response, the applicants respectfully states that Goyal is not referring to application headers 

1 3 like HTTP in their disclosure, they are referring to transport or network layer headers which are 

14 defined as clear offsets in the TCP/IP protocol. So Goya] does not have to detect application 

1 5 layer delimiters. Thus claim 13 is allowable over the cited art for itself and because it depends 

1 6 on allowable claim 1 . 



17 15. Claims 14 r and 18-20,22, and 23 are rejected for simitar reasons as stated above. 

1 8 In response, the applicants respectfully states that claim 1 4 reads; 

19 14. (previously presented) An apparatus comprising a service differentiation module 

20 employing at least one system for differentiating at least one service class in a kernel 

21 using service differentiation to provide different levels of quality of service for system 

22 performance to users for connections accepted in said at least one system, said module 

23 including a tangible computing medium enabling functions of: 

24 a parser to parse a client Web request; 

25 a classifier to classify the request based on application headers and assigning a request 

26 class within a kernel; 
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1 a selector to determine an action rule based on the request class; and 

2 a performer to apply the action rule based on the request class in order to provide better 

3 system performance for higher classed packets and connections. 

4 A review of Goyal shows that Goyal does not disclose providing service differentiation by 

5 parsing application layer information (e.g. HTTP headers). They are only concerned with 

6 network addresses and Goyal don't disclose any mechanism for an operating system resource for 

7 quality of service or service differentiation. 

8 Goyal does not have the parser since Goyal is not parsing an application tag. 

9 Goyal does not have the selector since Goyal does not have a parsed application tag to select on. 

1 0 Goyal does not have the performer since Goyal makes requests for service differentiation to be 

1 1 performed by the operating system quality of service manager, and does define the actions of the 

1 2 quality of service manager as for claim 14. 

13 Furthermore Goyal doesn't provide service differentiation as a kernel service based on 

14 application level information of Claims 14, and 18-20,22, and 25. Thus Claims 14 is allowable, 

1 5 and claims 18-20,22, and 23 are allowable over the cited art each for itself and because its 

16 dependence on an allowable claim. 



1 7 Claim Rejections - 35 USC § 103 

1 8 16, The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 

19 obviousness rejections set form in this Office action: 

20 (a) A patent may not be obtained though the invention is not identically disclosed or 

21 described as set forth in section 102 of this title, if the differences between the subject 

22 matter sought to be patented and the prior art are such that the subject matter as a whole 

23 would have been obvious at the time the invention was made to a person having ordinary 

24 skill in the art to which said subject matter pertains. Patentabilty shall not be negatived 

25 by the manner in which the invention was made. 
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1 / 7. This application currently names joint inventors. In considering patentability of the 

2 claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of the 

3 various claims was commonly owned at the time any inventions covered therein were 

4 made absent any evidence to the contrary. Applicant is advised of the obligation under 37 

5 CFR 1.56 to point out the inventor and invention dates of each claim that was not 

6 commonly owned at the time a later invention was made in order for the examiner to 

1 consider the applicability of 35 U.S.C 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 

8 prior ad under 35 U S. C. 1 03(a). 

9 Claim 7 is rejected under 35 US. C. 103(a) as being unpatentable over Goyal in view 

1 0 of Tavlor et al CUSPN 6. 728. 885) (hereinafter Taylor) (cited in previous Office Actions ). 

11 18. Goyal discloses the invention substantively as described in claim L Goyal does not 

12 specifically disclose the step of performing service differentiation includes dropping 

1 3 based on rules that are created to provide better performance to the connections that are 
H accepted. In analogous art, Taylor discloses another service differentiation system which 

1 5 includes dropping a connection based on rules that are created to provide better 

1 6 performance to the connections that are accepted (i.e. all firewall rules inherently 

1 7 provide better performance to those connections that are accepted since firewall rules 

1 8 block incoming traffic which will congest the network and thwart attackers from 

1 9 disabling the network) (col 6, lines 25-30). It would have been obvious to one of ordinary 

20 skill in the an to combine the teaching of Taylor with Goyal in order to achieve requested 

2 1 levels of security while meeting performance constraints as supported by Taylor (col. 3. 

22 lines 20-25). 



23 In response, the applicants respectfully state that they take exception with the equivalencies of 

24 the elements of claim 7 and the inventions of Goyat with Taylor. Claim 7 is not made obvious by 

25 the combination of the inventions of Goyal and Taylor. The cited art to Taylor, US Patent 

26 6,728,885, filed: October 8, 1999, is entitled: "System and method for network access control 

27 using adaptive proxies". The Taylor abstract reads : 



28 "A method, system and computer program for providing multilevel security to a computer 

29 network. The method comprises the step of receiving a first communication packet on at 

30 least one network interface port from an outside network. The method further includes the 

3 1 steps of filtering the first packet in one of at least two levels of security comprising a first 

32 level of security which examines the content information of the packet and a second level 

33 of security which examines the first packet excluding the content information of the 

34 packet The system includes a first packet filter configured to filter its input packets by 

35 examining content information of its packets and a second packet filter configured to 
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1 filter its input packets by examining the header information without examining the 

2 content information of its packets. The system further includes a third filter which is 

3 configured to forward a number of packets to one of the first and second filters, thereby 

4 providing security to the computer network- The computer program includes a first 

5 module located in an application layer, a second module located in a network layer, and a 

6 third module located in a kernel space and configured to examine a number of packets 

7 received by the computer network from at least one outside network and to forward the 

8 number of packets to one of the first and second modules after examining the number of 

9 packets". 

10 Thus Taylor is concerned with system security. Taylor is not concerned with system 

1 1 performance as in the Claim 7 furthermore there is not reason to make the combination of Goyal 

12 and Taylor except using hindsight in an attempt to reconstruct the elements of claim 1, A 

1 3 combination of art may not be made if not referred to in one of the cited references thus is 

1 4 allowable over the cited art. 

1 5 Furthermore, applicants respectfully states that Taylor and Goyal do not disclose or make 

16 obvious any actions from an operating system resource that provide quality of service or service 

17 differentiation for an application. Goyal relies on resources provided by the operating system to 

1 8 provide quality of service or service differentiation and does not specify any actions as stated in 

19 claim 6 or claim 7. Taylor discloses a single action dropping for purpose of security via a firewall 

20 with no mention of performance gain. Dropping has an indirect benefit of performance 

21 improvement only if the administrator properly sets the dropping rule for performance and not 

22 just security. There is no indication in the referenced art of an administrator setting performance 

23 based rules. Thus claim 7 is allowable over the cited art for itself and because it depends on 

24 allowable claim 1 . 

25 Response to Arguments 

26 19. Applicants arguments filed October 10,2005 have been fully considered but they are 

27 moot in view of the new grounds of rejection. 
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21. Again, it. is the Examiner 's position that Applicant has not yet submitted claims 
drawn to limitations, which define the operation and apparatus of Applicants disclosed 
invention in manner, which distinguishes over the prior art. As it is Applicant 's right to 
continue to claim as broadly as possible their invention. It. is also the Examiner's right to 
continue to interpret the claim language as broadly as possible. It is the Examiner 's 
position that the detailed functionality that allows for Applicant 's invention to overcome 
the prior art used in the rejection, fails to differentiate in detail how these features are 
unique. As it is extremely well known in the networking art as already shown by Taylor 
and other prior arts of records disclosed. Thus, it is clear that Applicant must submit 
amendments to the claims in order to distinguish over the prior art use in the rejection 
that discloses different features of Applicant 's claim invention. 



1 2 In response, applicants have more than modified the claims in the present application in 

1 3 accordance with agreements made in a telephone conversation with the Examiner, on August 2 1 , 

1 4 2006. It is believed that all claims are certainly now allowable. 

15 It is anticipated that the present amendment brings to allowance of all claims 1-23 not withdrawn. In the 

1 6 event that any questions remain, please contact the undersigned before issuing a FINAL rejection. 

1 7 Please charge any fee necessary to enter this paper to deposit account 50-05 1 0. 



Respectfully submitted, 
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